Two-thirds of businesses experienced some type of attempted or actual payment fraud in 2011, according to recent industry surveys, and more than 25 percent of banks are reporting a rise in attempted fraud incidents. Although not all attempts result in financial loss, when they do it’s typically around $20,000.
There’s also reputation risk and extra work when somebody gets account information and starts utilizing it in an inappropriate manner, says Ted Sheerer, Senior Vice President and Group Manager of Cash Management at First Commonwealth Bank.
“Companies need to understand the risks and take them seriously,” he says. “It may cost a little bit and make things slightly less convenient, but they need to do everything necessary to protect their financial assets. They need to take proactive steps and not wait until a loss occurs.”
Smart Business spoke with Sheerer about guarding against corporate financial fraud.
Why has financial fraud increased?
Fraud has increased primarily because of technology — from software that makes it easy to create authentic-looking checks to phishing scams, viruses and malware that can compromise a network and PCs. A company’s financial assets could be more vulnerable today than ever. However, there are ways to substantially reduce risk.
What are some examples of financial fraud?
If a company’s account and routing numbers get compromised, they can become exposed to individuals generating fraudulent checks. Some businesses, through the utilization of Positive Pay, which matches check issue data, including payee line, with items presented to the bank, can catch this with no financial loss. The bank alerts the business regarding items that do not match, and offers the opportunity to pay or return those checks. Unfortunately, many others wait until they experience a loss before taking steps to implement Positive Pay.
A more current example is corporate account takeover, where a company’s network or specific PCs get infected with a virus or malware, somebody obtains access to the system and then performs keystroke logging. The fraudster can then sometimes capture the necessary credentials to get into the business’s online banking.
How should fraud education be handled?
You can educate employees, especially those conducting company financial transactions, by using the knowledge of your IT staff. If you don’t have an in-house IT staff or want to supplement this education, work with your bank to see if it offers any security or fraud seminars. You also can find local and regional fraud awareness seminars through professional organizations.
How can you prevent or mitigate fraud?
To minimize the potential of check fraud, companies can incorporate security features into their check stock, store checks and digital signatures in a secure environment, segregate financial duties, reconcile accounts regularly, and utilize Positive Pay with payee line protection. If something doesn’t match, the bank alerts the business customer who decides to pay or return it.
With increased electronic fraud, which includes Automated Clearing House (ACH) transactions and wire transfers, it’s important to have ACH block and filter. This stops unauthorized transactions from hitting accounts. Companies should also ask if their bank offers malware detection and/or account takeover detection software. This is sometimes provided for free.
Some other preventative measures are to:
- Understand procedures around user authentication and limit users to those who absolutely need access.
- Establish dual verification for any outbound electronic transactions.
- Have dedicated PCs used only for online banking services.
- Change passwords regularly, don’t share or write down logins, and routinely update anti-virus and malware protection software.
What’s the priority with fraud prevention?
The priorities should be Positive Pay, ACH block and filter, and then everything the organization can do to protect its network.
Many businesses don’t take the necessary preventative steps. Only when companies seriously understand the risks can they partner with their bank to combat financial fraud.
Ted Sheerer is a senior vice president, group manager of Cash Management at First Commonwealth Bank. Reach him at (412) 690-2213 or email@example.com.
Insights Wealth Management is brought to you by First Commonwealth Bank